I keep hearing on VPN ads that you have to use a VPN to not have your login information stolen. So far I have been using Cloudflare WARP to be safe enough. However, if I am using an HTTPS website, do I really need a VPN or WARP? Will an attacker on the same network as me be able to access passwords transmitted over HTTPS?
Replying to myself to add: if you use a VPN to hide your surfing habits from your boss, the security team can tell you are using a VPN. They may or may not care, it largely depends on where you work and if you’re using your device or a company device and the “corporate culture” of the place you work. Just have a cover story / explanation ready to go if you roll the dice on this one. If you work for a large corporate bank or something like that, I wouldn’t even try it.
If you’re using a company device, a VPN won’t help you. They could install a keylogger without you having any way of knowing.